Date: Wed, 27 Aug 2008 12:45:00 -0700 From: "Peter Wemm" <peter@wemm.org> To: "Robert Watson" <rwatson@freebsd.org> Cc: freebsd-arch@freebsd.org, Alfred Perlstein <alfred@freebsd.org>, Ivan Voras <ivoras@freebsd.org>, Matthew Macy <mat.macy@gmail.com> Subject: Re: FreeBSD and DEP aka "NX bit"? Message-ID: <e7db6d980808271245v34dd8c7aked7273bd995135e5@mail.gmail.com> In-Reply-To: <alpine.BSF.1.10.0808271009340.60038@fledge.watson.org> References: <g8q8i5$s9g$2@ger.gmane.org> <3c1674c90808231713x47e42de5oa9fc2f2f244d2e74@mail.gmail.com> <20080826074943.GB85357@duncan.reilly.home> <20080826162807.GF16977@elvis.mu.org> <20080827011949.GA98242@duncan.reilly.home> <alpine.BSF.1.10.0808271009340.60038@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Aug 27, 2008 at 2:10 AM, Robert Watson <rwatson@freebsd.org> wrote: > On Wed, 27 Aug 2008, Andrew Reilly wrote: > >> On Tue, Aug 26, 2008 at 09:28:07AM -0700, Alfred Perlstein wrote: >>> >>> * Andrew Reilly <andrew-freebsd@areilly.bpc-users.org> [080826 00:51] >>> wrote: >>>> >>>> I've been using 7-STABLE on amd64 for a long time, and haven't noticed >>>> any problems with Java or SBCL lisp or PLT-scheme, all of which use JIT code >>>> generation (but probably neither use jemalloc?) >>> >>> mprotect(2)? >> >> Fair enough. Good to know that it's actually tweaking the NX permissions, >> I guess. The man page seems a little vague about when it might succeed, and >> what effect it might have... > > We're behind on the not-mapping-writable stuff, so for better (and worse) > quite a few such things in application have been faulted in by other > operating systems already. That doesn't mean there won't be issues, but > does have the redeeming aspect that things should be less bumpy for us going > forward. Hopefully we can start making that progress a bit more quickly... I recall seeing config.h code chunks to turn sections of the stack on/off for execution on (I think) sparc64. It might have been for netbsd. If my memory serves correctly, libgcc grew code to do mprotect(), and the gcc code generator would call it as appropriate when it needed to do its magic. I think this was for an older version of gcc though. -- Peter Wemm - peter@wemm.org; peter@FreeBSD.org; peter@yahoo-inc.com; KI6FJV "All of this is for nothing if we don't go to the stars" - JMS/B5 "If Java had true garbage collection, most programs would delete themselves upon execution." -- Robert Sewell
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?e7db6d980808271245v34dd8c7aked7273bd995135e5>